Intel is investigating 20GB intellectual property dump

Shawn Knight

Posts: 12,530   +122
Staff member
Bottom line: It'll take some time for researchers to comb through the data dump and determine just how harmful the information could be on the open market. But perhaps the company's bigger concern is what could be lying in wait.

Intel has reportedly suffered a massive data breach that, according to the anonymous source of the material, is the first of several planned intellectual releases to come.

The first batch of data, a 20GB collection of internal documents, debugging tools and BIOS code, was initially shared on Twitter by Till Kottmann, a Swiss software engineer with a history of sharing leaked data from major tech companies. Kottman said an the anonymous source nabbed the data by hacking Intel earlier this year.

Intel has issued the following statement to the press regarding the matter.

We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.

ZDNet reviewed the contents of the leak with security researchers, who deemed the material authentic. According to Kottmann, the dump includes:

  • Intel ME Bringup guides + (flash) tooling + samples for various platforms
  • Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
  • Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
  • Silicon / FSP source code packages for various platforms
  • Various Intel Development and Debugging Tools
  • Simics Simulation for Rocket Lake S and potentially other platforms
  • Various roadmaps and other documents
  • Binaries for Camera drivers Intel made for SpaceX
  • Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
  • (very horrible) Kabylake FDK training videos
  • Intel Trace Hub + decoder files for various Intel ME versions
  • Elkhart Lake Silicon Reference and Platform Sample Code
  • Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
  • Debug BIOS/TXE builds for various Platforms
  • Bootguard SDK (encrypted zip)
  • Intel Snowridge / Snowfish Process Simulator ADK
  • Various schematics
  • Intel Marketing Material Templates (InDesign)

Regardless of how the data was obtained, it’s not a good look for Intel. Perhaps even more worrisome is the possibility that this is the first of several more leaks to come.

Masthead credit: Sundry Photography

Permalink to story.

 

fadingfool

Posts: 181   +180
Not good and whilst not an Intel fan (because of some pretty shady business practices) I hope the damaging documents are more limited in scope than the above titles would indicate.
 

mbrowne5061

Posts: 1,602   +906
"Some Verilog stuff for various Xeon Platforms, unsure what it is exactly."

This could actually be very serious. Verilog is the language used to describe CPU architecture. It can be used to simulate logical behavior on FPGAs (or just program FPGAs). In this case, think of it like 'source code for hardware'. Depending on how much was released, and of what parts of the CPU, you could potentially allow an attacker to directly study - and simulate - hypothetical attacks.
 
  • Like
Reactions: 0dium

Irata

Posts: 810   +1,142
TechSpot Elite
As much as I dislike Intel, this is not good if the leak(s) contain any business secrets.

....except if there was information on any shady business practices that go against the terms of their FTC settlement or any other shady behavior. This information should be made public, but I doubt any such information is even written down.

Anything else though - nope. That would not be right.
 

Uncle Al

Posts: 7,402   +5,848
Don't tell me ..... all their Server Administrators are still "password" ....... LOL
 

Southern Belle

Posts: 12   +0
Personally I HATE INTEL!!!! They are thieves of other peoples designs stealling them and getting patents for things they never even thought of~

I only hope that public entities were not in danger from this, and maybe intel will learn that karma really does come around~